DATE | NAME | INFO | CATEGORY | SUBCATEGORIES

22.5.25 | Kerberoasting | Kerberoasting is a cyberattack that targets the Kerberos authentication protocol with the intent to steal AD credentials. | ATTACK | Windows
16.5.24 | Spectre-v2 Attacks UPDATE | On the Limitations of Domain Isolation Against Spectre-v2 Attacks | ATTACK | CPU
1.5.24 | MCP Prompt Injection | MCP Prompt Injection: Not Just For Evil | ATTACK | AI
30.4.25 | SLAAC Snooping | NDP messages are unsecured, which makes SLAAC susceptible to attacks that involve the spoofing (or forging) of link-layer addresses. You must configure SLAAC snooping to validate IPv6 clients using SLAAC before allowing them to access the network. | ATTACK | IPv6
30.4.25 | Context Compliance Attack (CCA) | A jailbreak technique that involves the adversary injecting a "simple assistant response into the conversation history" about a potentially sensitive topic that expresses readiness to provide additional information. | ATTACK | AI
30.4.25 | Policy Puppetry Attack | A prompt injection technique that crafts malicious instructions to look like a policy file, such as XML, INI, or JSON, and then passes it as input to the large language model (LLM) to bypass safety alignment and extract the system prompt. | ATTACK | AI
30.4.25 | Memory INJection Attack (MINJA) | Involves injecting malicious records into a memory bank by interacting with an LLM agent via queries and output observations, leading the agent to perform an undesirable action. | ATTACK | AI
27.4.25 | Password Spraying | The basics of a password spraying attack involve a threat actor using a single common password against multiple accounts on the same application. This avoids the account lockouts that typically occur when an attacker uses a brute force attack on a single account by trying many passwords. | ATTACK | Password
25.4.25 | Cookie-Bite attack | Cookie-Bite: How Your Digital Crumbs Let Threat Actors Bypass MFA and Maintain Access to Cloud Environments | ATTACK | COOKIES
23.4.25 | XRP supply chain attack | XRP supply chain attack: Official NPM package infected with crypto stealing backdoor | ATTACK | Crypto
22.4.25 | DKIM Replay Phishing Attack | Google Spoofed Via DKIM Replay Attack: A Technical Breakdown | ATTACK | PHISHING
16.4.25 | Multi-Stage Phishing Attack Exploits Gamma | Attackers exploit Gamma in a multi-stage phishing attack using Cloudflare Turnstile and AiTM tactics to evade detection and steal Microsoft credentials. | ATTACK | AI
21.3.25 | Trusted relationship attacks | Trusted relationship attacks: trust, but verify | ATTACK | ATTACK
19.3.25 | Rules File Backdoor | New Vulnerability in GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents | ATTACK | AI
16.3.25 | VPN brute-force attacks | Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices | ATTACK | VPN
7.3.25 | JavaScript Backdoors Enabling Persistent Attacker Access | Thousands of websites hit by four backdoors in 3rd party JavaScript attack | ATTACK | JavaScript
15.2.25 | whoAMI Attack | whoAMI: A cloud image name confusion attack | ATTACK | Cloud
5.2.25 | Memcached DDoS attack | Memcached can speed up websites, but a memcached server can also be exploited to perform a DDoS attack. | ATTACK | DDoS
1.1.25 | DoubleClickjacking | DoubleClickjacking is a new variation on this classic theme: instead of relying on a single click, it takes advantage of a double-click sequence. | ATTACK | Web
25.11.24 | Supply Chain Attack on OPA Using Malicious Policies | The Dark Side of Domain-Specific Languages: Uncovering New Attack Techniques in OPA and Terraform | ATTACK | ATTACK
14.11.24 | Sitting Ducks | DNS Predators Hijack Domains to Supply their Attack Infrastructure | ATTACK | DNS
2.8.24 | Sitting Ducks | Researchers at Infoblox and Eclypsium have discovered that a powerful attack vector in the domain name system (DNS) is being widely exploited across many DNS providers. | ATTACK | Domain
13.7.24 | Blast-RADIUS Attack | Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks. | ATTACK | PROTOCOL
9.7.24 | RADIUS | RADIUS is almost thirty years old, and uses cryptography based on MD5. Given that MD5 has been broken for over a decade, what are the implications for RADIUS? Why is RADIUS still using MD5? | ATTACK | Protocol
2.7.24 | High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor | Introduces novel high-precision Branch Target Injection (BTI) attacks, leveraging the intricate structures of the Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) in high-end Intel CPUs (Raptor Lake and Alder Lake). | ATTACK | CPU
17.6.24 | ARM 'TIKTAG' attack | TIKTAG: Breaking ARM's Memory Tagging Extension with Speculative Execution | ATTACK | ARM CPU
23.5.24 | MS Exchange Server Flaws | Positive Technologies detects a series of attacks via Microsoft Exchange Server | Attack | Exchange
17.5.24 | SSID Confusion Attack | This vulnerability exploits a design flaw in the WiFi standard, allowing attackers to trick WiFi clients on any operating system into connecting to an untrusted network. | Attack | WIFI
10.5.24 | ServerIP Attack | Tricking the VPN client into using the wrong server IP | Attack | VPN
10.5.24 | LocalNet Attack | On Windows, Linux, macOS and Android we are not vulnerable to the LocalNet attack. We never leak traffic to public IPs outside the VPN tunnel. However, on iOS we are affected by this attack vector. | Attack | VPN
10.5.24 | LLMjacking | LLMjacking: Stolen Cloud Credentials Used in New AI Attack | Attack | Cloud
9.5.24 | DHCP Starvation Attack | In DHCP starvation attacks, an attacker floods the DHCP server with DHCP requests to consume all available IP addresses that the DHCP server can allocate. After these IP addresses are allocated, the server cannot allocate any more addresses, which leads to a Denial of Service (DoS) as new clients cannot gain network access. | Attack | DHCP
8.5.24 | Pathfinder | Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor | Attack | CPU
24.4.24 | Dependency Confusion | Dependency confusion (also known as dependency repository hijacking, substitution attack, or repo jacking for short) is a software supply chain attack that substitutes malicious third-party code for a legitimate internal software dependency. There are various approaches to creating this kind of attack vector, including: | Attack | Attack
10.4.24 | Residual Attack Surface of Cross-privilege Spectre v2 | We present InSpectre Gadget, an in-depth Spectre gadget inspector that uses symbolic execution to accurately reason about exploitability of usable gadgets. Our tool performs generic constraint analysis and models knowledge of advanced exploitation techniques to accurately reason over gadget exploitability in an automated way. | Attack | CPU
4.4.24 | VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks | HTTP allows messages to include named fields in both header and trailer sections. These header and trailer fields are serialised as field blocks in HTTP/2, so that they can be transmitted in multiple fragments to the target implementation. | Alert | Alert
4.4.24 | HTTP/2 'Rapid Reset' DDoS attack | A number of Google services and Cloud customers have been targeted with a novel HTTP/2-based DDoS attack which peaked in August. These attacks were significantly larger than any previously-reported Layer 7 attacks, with the largest attack surpassing 398 million requests per second. | Attack | HTTP
4.4.24 | HTTP/2 CONTINUATION Flood | tl;dr: Deep technical analysis of the CONTINUATION Flood: a class of vulnerabilities within numerous HTTP/2 protocol implementations. In many cases, it poses a more severe threat compared to the Rapid Reset: a single machine (and in certain instances, a mere single TCP connection or a handful of frames) has the potential to disrupt server availability, with consequences ranging from server crashes to substantial performance degradation. | Attack | HTTP
27.3.24 | ZENHAMMER | ZENHAMMER: Rowhammer Attacks on AMD Zen-based Platforms | Attack | CPU
23.3.24 | GoFetch Attack | GoFetch is a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs). | Attack | side-channel attack
22.3.24 | Loop DoS | Loop DoS: New Denial-of-Service Attack targets Application-Layer Protocols | Attack | Application-Layer Protocols
8.3.24 | CRLF Injection | The term CRLF refers to Carriage Return (ASCII 13, \r) Line Feed (ASCII 10, \n). They are used to mark the end of a line, but are handled differently by today's popular operating systems. For example: in Windows both a CR and an LF are required to mark the end of a line, whereas in Linux/UNIX only an LF is required. In the HTTP protocol, the CR-LF sequence is always used to terminate a line. | Attack | OS
5.3.24 | PASS-THE-HASH ATTACK | Pass the hash (PtH) is a type of cybersecurity attack in which an adversary steals a "hashed" user credential and uses it to create a new user session on the same network. Unlike other credential theft attacks, a pass the hash attack does not require the attacker to know or crack the password to gain access to the system. Rather, it uses a stored version of the password to initiate a new session. | Attack | PtH
4.3.24 | ComPromptMized | ComPromptMized: Unleashing Zero-click Worms that Target GenAI-Powered Applications | Attack | AI
2.3.24 | GOLDEN TICKET | A Golden Ticket attack is a malicious cybersecurity attack in which a threat actor attempts to gain almost unlimited access to an organization's domain (devices, files, domain controllers, etc.) by accessing user data stored in Microsoft Active Directory (AD). | Attack | Attack
2.3.24 | Golden SAML | Golden SAML, an attack technique that exploits the SAML single sign-on protocol, was used as a post-breach exploit, compounding the devastating SolarWinds attack of 2020—one of the largest breaches of the 21st century. | Attack | Attack
3.2.24 | NTLM Relay Attacks | NTLM relay attacks: A dangerous game of hot potato | Attack | Attack
29.1.24 | MavenGate | Android, Java apps susceptible to novel MavenGate software supply chain attack technique | Attack | Supply chain
20.1.24 | Brute Force: Password Spraying | Adversaries may use a single or small list of commonly used passwords against many different accounts to attempt to acquire valid account credentials. | Attack | Brute Force
12.1.24 | Hadoop attack flow | Apache Applications Targeted by Stealthy Attacker | Attack | Apache
1.1.24 | Terrapin Attack | Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation | Attack | SSH